[jira] [Created] (XERCESC-2188) Use-after-free on external DTD scan

Scott Cantor (Jira) Mon, 16 Dec 2019 15:20:07 -0800

Scott Cantor created XERCESC-2188:
-------------------------------------

             Summary: Use-after-free on external DTD scan
                 Key: XERCESC-2188
                 URL: https://issues.apache.org/jira/browse/XERCESC-2188
             Project: Xerces-C++
          Issue Type: Bug
          Components: Validating Parser (DTD)
    Affects Versions: 3.2.2, 3.2.1, 3.1.4, 3.1.3, 3.2.0, 3.1.2, 3.1.1, 3.1.0, 
3.0.2, 3.0.1, 3.0.0
            Reporter: Scott Cantor
         Attachments: Apache-496067-disclosure-report.pdf


This is a record of an unfixed bug reported in 2018 in the DTD scanner, per the 
attached PDF, corresponding to CVE-2018-1311.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (XERCESC-2188) Use-after-free on external DTD scan

Reply via email to